ID

VAR-202102-0486


CVE

CVE-2021-20645


TITLE

Multiple vulnerabilities in multiple ELECOM products

Trust: 0.8

sources: JVNDB: JVNDB-2021-000008

DESCRIPTION

Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors. The following multiple vulnerabilities exist in multiple products provided by ELECOM CORPORATION. ・ Inadequate access restrictions (CWE-284) - CVE-2021-20643 -Script injection on the management screen (CWE-74) - CVE-2021-20644 ・ Retractable cross-site scripting (CWE-79) - CVE-2021-20645 ・ Cross-site request forgery (CWE-352) - CVE-2021-20646, CVE-2021-20647, CVE-2021-20650 ・ OS Command injection (CWE-78) - CVE-2021-20648 -Insufficient verification of server certificate (CWE-295) - CVE-2021-20649 ・ UPnP Via OS Command injection (CWE-78) - CVE-2014-8361 CVE-2021-20643 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Institute of Information Security Yuasa Laboratory Nagakawa ( Ishibashi ) Australia Mr CVE-2021-20644 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Sato Rei Mr CVE-2021-20645, CVE-2021-20646 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Mitsui Bussan Secure Direction Co., Ltd. Tetsuyuki Ogawa Mr CVE-2021-20647, CVE-2021-20648, CVE-2021-20649 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Satoru Nagaoka Mr CVE-2021-20650 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Hiroshi Watanabe Mr CVE-2014-8361 The following person indicates that the product is vulnerable to IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Satoru Nagaoka Mr., National Institute of Information and Communications Technology Makita Daisuke Mr., National Institute of Information and Communications Technology Woods Yoshiki MrThe expected impact depends on each vulnerability, but it may be affected as follows. -The management password of the product is changed by processing the request crafted by a remote third party. - CVE-2021-20643 ・ Crafted SSID Is displayed on the management screen, and any script is executed on the user's web browser. - CVE-2021-20644 -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2021-20645 -When a user logged in to the management screen of the product accesses a specially crafted page, an arbitrary request is executed, and as a result, the settings of the product are changed unintentionally. telnet Daemon is started - CVE-2021-20646, CVE-2021-20647, CVE-2021-20650 ・ Any third party who can access the product OS Command is executed - CVE-2021-20648 ・ Man-in-the-middle attack (man-in-the-middle attack) The communication response has been tampered with, resulting in arbitrary in the product. OS Command is executed - CVE-2021-20649 ・ With the product UPnP Is valid, any by a third party who has access to the product OS Command is executed - CVE-2014-8361. ELECOM WRC-300FEBK-A is a wireless access device. ELECOM WRC-300FEBK-A has a cross-site scripting vulnerability. Attackers can use the vulnerability to inject malicious scripts or HTML code. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials

Trust: 2.25

sources: NVD: CVE-2021-20645 // JVNDB: JVNDB-2021-000008 // CNVD: CNVD-2021-14147 // VULMON: CVE-2021-20645

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-14147

AFFECTED PRODUCTS

vendor:elecommodel:wrc-300febk-ascope:eqversion: -

Trust: 1.0

vendor:elecommodel:ld-ps/u1scope:eqversion:(cve-2021-20643)

Trust: 0.8

vendor:elecommodel:ncc-ewf100rmwh2scope:eqversion:(cve-2021-20650)

Trust: 0.8

vendor:elecommodel:wrc-1467ghbk-ascope:eqversion:(cve-2021-20644)

Trust: 0.8

vendor:elecommodel:wrc-300febkscope:eqversion:(cve-2014-8361)

Trust: 0.8

vendor:elecommodel:wrc-300febk-ascope:eqversion:(cve-2021-20645, cve-2021-20646)

Trust: 0.8

vendor:elecommodel:wrc-300febk-sscope:eqversion:(cve-2021-20647, cve-2021-20648, cve-2021-20649, cve-2014-8361)

Trust: 0.8

vendor:elecommodel:wrc-f300nfscope:eqversion:(cve-2014-8361)

Trust: 0.8

vendor:elecommodel:wrc-300febk-ascope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-14147 // JVNDB: JVNDB-2021-000008 // NVD: CVE-2021-20645

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2021-000008
value: MEDIUM

Trust: 4.8

nvd@nist.gov: CVE-2021-20645
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2021-000008
value: HIGH

Trust: 0.8

CNVD: CNVD-2021-14147
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202101-2402
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2021-20645
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2021-000008
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: MEDIUM
baseScore: 5.2
vectorString: AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2021-000008
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2021-14147
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-20645
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.3
impactScore: 2.7
version: 3.1

Trust: 1.0

IPA: JVNDB-2021-000008
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 5.2
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2021-000008
baseSeverity: MEDIUM
baseScore: 4.8
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-14147 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // CNNVD: CNNVD-202101-2402 // NVD: CVE-2021-20645

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

problemtype:CWE-78

Trust: 0.8

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-352

Trust: 0.8

problemtype:CWE-264

Trust: 0.8

sources: JVNDB: JVNDB-2021-000008 // NVD: CVE-2021-20645

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202101-2402

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202101-2402

CONFIGURATIONS

sources: JVNDB: JVNDB-2021-000008

PATCH

title:無線LANルーターなどネットワーク製品の一部における脆弱性に関してurl:https://www.elecom.co.jp/news/security/20210126-01/

Trust: 0.8

title:Patch for ELECOM WRC-300FEBK-A cross-site scripting vulnerability (CNVD-2021-14147)url:https://www.cnvd.org.cn/patchInfo/show/250596

Trust: 0.6

sources: CNVD: CNVD-2021-14147 // JVNDB: JVNDB-2021-000008

EXTERNAL IDS

db:NVDid:CVE-2021-20645

Trust: 3.1

db:JVNid:JVN47580234

Trust: 2.4

db:JVNDBid:JVNDB-2021-000008

Trust: 1.4

db:CNVDid:CNVD-2021-14147

Trust: 0.6

db:CNNVDid:CNNVD-202101-2402

Trust: 0.6

db:VULMONid:CVE-2021-20645

Trust: 0.1

sources: CNVD: CNVD-2021-14147 // VULMON: CVE-2021-20645 // JVNDB: JVNDB-2021-000008 // CNNVD: CNNVD-202101-2402 // NVD: CVE-2021-20645

REFERENCES

url:https://www.elecom.co.jp/news/security/20210126-01/

Trust: 2.2

url:https://jvn.jp/en/jp/jvn47580234/index.html

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20649

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20650

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20643

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8361

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20644

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20645

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20646

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20647

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20648

Trust: 0.8

url:https://jvn.jp/jp/jvn47580234/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-20645

Trust: 0.6

url:https://jvndb.jvn.jp/en/contents/2021/jvndb-2021-000008.html

Trust: 0.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/195679

Trust: 0.1

sources: CNVD: CNVD-2021-14147 // VULMON: CVE-2021-20645 // JVNDB: JVNDB-2021-000008 // CNNVD: CNNVD-202101-2402 // NVD: CVE-2021-20645

SOURCES

db:CNVDid:CNVD-2021-14147
db:VULMONid:CVE-2021-20645
db:JVNDBid:JVNDB-2021-000008
db:CNNVDid:CNNVD-202101-2402
db:NVDid:CVE-2021-20645

LAST UPDATE DATE

2024-08-14T13:54:14.307000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-14147date:2021-03-03T00:00:00
db:VULMONid:CVE-2021-20645date:2021-02-15T00:00:00
db:JVNDBid:JVNDB-2021-000008date:2021-01-26T03:12:23
db:CNNVDid:CNNVD-202101-2402date:2021-02-19T00:00:00
db:NVDid:CVE-2021-20645date:2021-02-15T01:37:56.010

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-14147date:2021-03-03T00:00:00
db:VULMONid:CVE-2021-20645date:2021-02-12T00:00:00
db:JVNDBid:JVNDB-2021-000008date:2021-01-26T03:12:23
db:CNNVDid:CNNVD-202101-2402date:2021-01-26T00:00:00
db:NVDid:CVE-2021-20645date:2021-02-12T07:15:15.137